Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cpanel
(Cpanel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 415 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-02 | CVE-2017-18426 | cPanel before 66.0.2 allows resellers to read other accounts' domain log files (SEC-288). | Cpanel | 2.7 | ||
| 2019-08-02 | CVE-2017-18425 | In cPanel before 66.0.2, the cpdavd_error_log file can be created with weak permissions (SEC-280). | Cpanel | 2.5 | ||
| 2019-08-02 | CVE-2017-18391 | cPanel before 68.0.15 allows attackers to read backup files because they are world-readable during a short time interval (SEC-323). | Cpanel | 2.5 | ||
| 2019-08-02 | CVE-2017-18388 | cPanel before 68.0.15 can perform unsafe file operations because Jailshell does not set the umask (SEC-315). | Cpanel | 7.8 | ||
| 2019-08-01 | CVE-2016-10858 | cPanel before 11.54.0.0 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-64). | Cpanel | 9.8 | ||
| 2019-08-01 | CVE-2016-10857 | cPanel before 11.54.0.0 allows a bypass of the e-mail sending limit (SEC-60). | Cpanel | 6.5 | ||
| 2019-08-07 | CVE-2016-10811 | In cPanel before 57.9999.54, /scripts/unsuspendacct exposed TTYs (SEC-116). | Cpanel | 8.8 | ||
| 2019-08-07 | CVE-2016-10810 | In cPanel before 57.9999.54, /scripts/maildir_converter exposed a TTY to an unprivileged process (SEC-115). | Cpanel | 8.8 | ||
| 2019-08-07 | CVE-2016-10809 | In cPanel before 57.9999.54, /scripts/checkinfopages exposed a TTY to an unprivileged process (SEC-114). | Cpanel | 8.8 | ||
| 2019-08-07 | CVE-2016-10807 | cPanel before 57.9999.54 allows certain denial-of-service outcomes via /scripts/killpvhost (SEC-112). | Cpanel | 6.5 |